.ENV Instead of putting credentials in config.php

odannyc

So I want to be able to put database passwords into .env file in the root of my app and .gitignore that file.
I was looking around and found phpdotenv solution but didn't seem to work well since I keep getting a 500 server error

Anyone have any suggestions?

x00

Don't do it is my suggestion. The framework is designed a certain way for a reason. config.php itself should .gitignored

What are trying to achieve?

R_J

I like the idea of having a universal file for db access. But I use different databases for each different purpose so it wouldn't be of any help for me personally.

I understand the need to give any extra security on anything. But wouldn't it be easier to use a .htaccess like that in your /conf directory?

AuthName "config"
AuthType Basic
AuthUserFile ./.htpasswd
require valid-user

But that all doesn't answer your question. I guess it should be possible. Maybe you could add some lines of code in /conf/bootstrap.before.php to add your db credentials to your configuration...

R_J

Actually it is quite easy!

• Create your .ENV
• Create a file in your Vanillas /conf folder called bootstrap.early.php
• Use following code in there

<?php

/*
Get the info from your .ENV file. Maybe a simple

require('.ENV');

is enough, and maybe you have to use other functions to extract the
info depending on the format of your .ENV file

Whatever: get the information into variables that you can use for the
next step
*/

// Save it __temporarily__ to the config.
saveToConfig('Database.Name', $DatabaseName, array('Save' => false));
saveToConfig('Database.Host', $DatabaseHost, array('Save' => false));
saveToConfig('Database.User', $DatabaseUser, array('Save' => false));
saveToConfig('Database.Password', $DatabasePassword, array('Save' => false));

• Delete the Database.Name, Host, User, Password lines from /conf/config.php

That's it!